Re: sslmode=require fallback

From Peter Eisentraut
Subject Re: sslmode=require fallback
Date
Msg-id ba9b9c93-5344-cef3-2c87-9a3598c7180e@2ndquadrant.com
In reply to Re: sslmode=require fallback  (Magnus Hagander <magnus@hagander.net>)
List pgsql-hackers
On 7/15/16 4:14 AM, Magnus Hagander wrote:
> The entire "prefer" mode is a design flaw, that we unfortunately picked
> as default mode.
> 
> If it fails *for any reason*, it falls back to plaintext. Thus, you have
> to assume it will make a plaintext connection. Thus, it gives you zero
> guarantees, so it serves no actual purpose from a security perspective.

I could imagine a variant of "prefer" that tries SSL if available, but
fails the connection if the SSL setup fails for some reason (e.g.,
certificates).  That would be more similar to how browsers with
HTTPS-Everywhere work.

Modulo that, I don't think that "prefer" is a bad default.

-- 
Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
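
An added example, not part of the original message and not libpq code: a simplified Python model of the fallback behaviour discussed in this message, enumerating every combination of conditions to see which modes can end in plaintext. The mode name `prefer-strict` is hypothetical (it stands for the variant described above), and the three boolean conditions are assumptions of the model.

```python
from itertools import product

# Simplified model of the client-side decision discussed in this thread.
# "prefer-strict" is a hypothetical name for the variant described in the
# message above; it is not a real libpq sslmode.
MODES = ("disable", "prefer", "prefer-strict", "require")


def negotiate(mode, server_offers_ssl, ssl_setup_ok, server_accepts_plaintext=True):
    """Return 'ssl', 'plaintext' or 'fail' for one connection attempt."""
    if mode not in MODES:
        raise ValueError(f"unknown mode: {mode}")
    plaintext = "plaintext" if server_accepts_plaintext else "fail"
    if mode == "disable":
        return plaintext  # SSL is never attempted
    if server_offers_ssl:
        if ssl_setup_ok:
            return "ssl"
        # SSL was offered but setup failed (e.g. certificates):
        # only "prefer" falls back to plaintext here.
        return plaintext if mode == "prefer" else "fail"
    # Server does not offer SSL at all.
    if mode == "require":
        return "fail"
    return plaintext  # "prefer" and "prefer-strict" both continue unencrypted


def outcomes(mode):
    """Every outcome a mode can produce over all combinations of conditions."""
    return {negotiate(mode, *c) for c in product((True, False), repeat=3)}


def guarantees_encryption(mode):
    """True if no combination of conditions ends in a plaintext session.

    Encryption only: certificate verification is outside this model.
    """
    return "plaintext" not in outcomes(mode)


def report():
    """Map mode -> (result when SSL is offered but setup fails, guarantee)."""
    return {m: (negotiate(m, True, False), guarantees_encryption(m)) for m in MODES}


if __name__ == "__main__":
    for mode, (on_failure, guaranteed) in report().items():
        print(f"{mode:14} setup failure -> {on_failure:9} guaranteed: {guaranteed}")
```

In this model the hypothetical variant no longer downgrades after a failed SSL setup, but it still connects in plaintext when the server offers no SSL, so only `require` excludes a plaintext session.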


